package com.leo.book.distributed.chapter03.encrypt;

import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

/**
 * Description: 签名认证
 * @author lianliang
 * @date 2017年11月17日 上午11:12:14
 */
public class SignatureCertificate {
	
	/**
	 * 客户端-生成签名
	 * @param params
	 * @return
	 * @throws Exception
	 */
	public static String clientGetSign(Map<String, String> params) throws Exception {
		Set<String> keySet = params.keySet();
		TreeSet<String> sortSet = new TreeSet<String>();
		sortSet.addAll(keySet);
		String keyValueStr = "";
		Iterator<String> it = sortSet.iterator();
		while(it.hasNext()) {
			String key = it.next();
			String value = params.get(key);
			keyValueStr += key + value;
		}
		byte[] bytes = DigitalDigest.getMD5(keyValueStr);
		PrivateKey privateKey = RSA.string2PrivateKey(RSA.getPrivateKey(RSA.getKeyPair()));
		byte[] encryptBytes = RSA.privateEncrypt(bytes, privateKey);
		String hexStr = DigitalDigest.bytes2Hex(encryptBytes);
		return hexStr;
	}
	
	/**
	 * 服务端对客户端数字签名校验
	 * @param params
	 * @param digest
	 * @return
	 * @throws Exception
	 */
	public static boolean serverValidate(Map params, String digest) throws Exception {
		Set<String> keySet = params.keySet();
		TreeSet<String> sortSet = new TreeSet<String>();
		sortSet.addAll(keySet);
		String keyValueStr = "";
		Iterator<String> it = sortSet.iterator();
		while(it.hasNext()) {
			String key = it.next();
			String[] value = (String[])params.get(key);
			keyValueStr += key + value[0];
		}
		String hexStr = DigitalDigest.bytes2Hex(DigitalDigest.getMD5(keyValueStr));
		PublicKey publicKey = RSA.string2PublicKey(RSA.getPublicKey(RSA.getKeyPair()));
		byte[] decryptBytes = RSA.publicDecrypt(DigitalDigest.hex2Bytes(digest),publicKey);
		String decryptDigest = DigitalDigest.bytes2Hex(decryptBytes);
		if(hexStr.equals(decryptDigest)){
			return true;
		} else {
			return false;
		}
	}
	
	/**
	 * 服务端响应-生成签名
	 * @param content
	 * @return
	 * @throws Exception
	 */
	public static String serverGetSign(String content) throws Exception {
		byte[] bytes = DigitalDigest.getMD5(content);
		PrivateKey privateKey = RSA.string2PrivateKey(RSA.getPrivateKey(RSA.getKeyPair()));
		byte[] encryptBytes = RSA.privateEncrypt(bytes, privateKey);
		String hexStr = DigitalDigest.bytes2Hex(encryptBytes);
		return hexStr;
	}
	
	/**
	 * 客户端-对相应签名校验
	 * @param responseContent
	 * @param digest
	 * @return
	 * @throws Exception
	 */
	public static boolean clientValidate(String responseContent, String digest) throws Exception {
		byte[] bytes = DigitalDigest.getMD5(responseContent);
		String responseDigest = DigitalDigest.bytes2Hex(bytes);
		PublicKey publicKey = RSA.string2PublicKey(RSA.getPublicKey(RSA.getKeyPair()));
		byte[] decryptBytes = RSA.publicDecrypt(DigitalDigest.hex2Bytes(digest), publicKey);
		String decryptDigest = DigitalDigest.bytes2Hex(decryptBytes);
		if(responseDigest.equals(decryptDigest)){
			return true;
		}else{
			return false;
		}
	}
	
}
